heterogeneous modeling: hybrid systems hybrid models u
TRANSCRIPT
![Page 1: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/1.jpg)
Heterogeneous Modeling: Hybrid SystemsHeterogeneous Modeling: Hybrid Systems
u Hybrid Models
u Languages and Verification Problems
sSimulink and StateFlow
sCheckMate
sCharon
sMasaccio
sSHIFT
![Page 2: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/2.jpg)
MotivationMotivation
u Hybrid Systems are becoming a major modeling paradigm for embedded systemssCapability of modeling controller and plant
sUse of concurrent multiple levels of abstraction
u Difficult to verify and designsCombination of continuous and discrete dynamics of different types
sLack of “operationally strong” theoretical results
u Variety of tools and approaches mutually incompatible due to modeling differences
![Page 3: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/3.jpg)
Foundations of Hybrid ModelFoundations of Hybrid Model
u Used classic model by J. Lygeros, S. Sastry and C. Tomlin as basis
u Model consists of three parts:s Structure= sets, discrete and dynamical components
s Time Bases= intervals over which behavior is continuous
s Hybrid execution= rules according to which we have jumps and continuous flows
u Observations:s Non deterministic behavior allowed (needed)
s Fixed interaction structure
![Page 4: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/4.jpg)
CheckMate Hybrid Model Source: B. Krogh
![Page 5: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/5.jpg)
System SpecificationsSystem Specifications
![Page 6: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/6.jpg)
Driver Vehicle
force, speed, acceleration, jerk, rpm, fuel consumption,...
emissions, external noise, temperature, ...
Key, Brake, Gas, Transm.
Engine &
Driveline
Controller
spark advance, injection time,throttle angle
Closed loop vehicle modelClosed loop vehicle model
![Page 7: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/7.jpg)
Fast NegativeForce Transient
min f(D, Mfuel)�
<
�
max
Force Tracking
Fast PositiveForce Transient
Speed Tracking
n=n(.) n=n(.)
Idle &Trasm On
.G>0 | t>
�
. .G < GB| B=1
.G<0 | t>
� . .G > GA
G > 0
G = 0
T > 0
T=0 T=0
(G>0)&(T>0)
T=0
fI(n) = 0 & G=0
fI(n,G) > 0
.G=0 & C=1
.G > 0|B = 1
T > 0
T=0
OUTPUT:
n - Engine Speedn - Engine SpeedFFG G - Generated ForceVVGG - Vehicle Speed - Vehicle Speed
n=n(G)FG=0
Rpm Trackingn=argmin(Mfuel)
Idle
FG=0
VG= VG(.)
Stopn=0
FG=0
Startup
FG=0n= .
G > 0G = 0
(n < nmin)| (K=Off) n > nstartup
K = Start
(n < nmin)| (K = Off)
FG=FG(G,T,n)FG=FG(G,T,n)
max D�
<
�
max
min
�
FG=FG(G,T,n)
Mfuel < Mmax; D>Dmin
T>0 &G=0
INPUTS:
G - Gas PedalG - Gas PedalT - Clutch Pedal & Gear StickT - Clutch Pedal & Gear StickB - Brake PedalB - Brake PedalC - Cruise ControlC - Cruise Control
K - Key
D - Comfort
fI(n) = 0 & G=0
![Page 8: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/8.jpg)
Model of Power-trainModel of Power-train
��� � � ���
� �� � � � �� � � � �� � �� � �
� �� � �� �� ���� � !� " #�$ �&% � � � ��
��� � � � �� � � � �� � �� �' � � (� ( ) �* � �* + � �) � � � � �
, -/.0 1 1 2/304 35 657 857 2/394 8. : 1 6; 657 ,0 .<= 3
> 85 6 ?0 2@4 . 3A A = . 3 B 2= 1C -D5 A 3 . 1 60 5 EF3 2 3 8A 3G 3 8.C - 857 3
H3 - 6 C 2/394 3 3 @Simple?
![Page 9: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/9.jpg)
Combustion ProcessCombustion Process
INTAKE COMPRESSION EXPANSION EXHAUSTED
120°
320°
440°
570°CRANKSHAFT ANGLE
![Page 10: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/10.jpg)
![Page 11: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/11.jpg)
Engine and Drive-lineEngine and Drive-line
![Page 12: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/12.jpg)
positive spark advance:the spark is given beforethe TDC between C and E
negative spark advance:the spark is given afterthe TDC between C and E
FSM for a single cylinderFSM for a single cylinder
![Page 13: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/13.jpg)
Single Cylinder Hybrid ModelSingle Cylinder Hybrid Model
![Page 14: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/14.jpg)
u Mean-Value Model: accurate over a longer time window
sregulation control problems
s low performance transient problems
u Hybrid Model: cycle accurate
stransient control problems
sstability of delay-sensitive control algorithms
shigh performance control algorithms
Hybrid Model vs Mean-Value ModelHybrid Model vs Mean-Value Model
![Page 15: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/15.jpg)
Hybrid Systems LanguagesHybrid Systems Languages
u Simulation (Charon, Shift, Stateflow+Simulink)
u Formal Verification (Masaccio, Checkmate)
![Page 16: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/16.jpg)
OutlineOutline
u Hybrid Models
u Languages and Verification Problems
sSimulink and StateFlow
sCheckMate
sCharon
sMasaccio
sSHIFT
![Page 17: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/17.jpg)
What is a simulator?What is a simulator?
u Given a mathematical model of the system, computes its evolution and its outputs under a
pre-determined set of inputs
u The mathematical model expresses heterogeneity and concurrency
u The simulator computes the response of the model by mapping it onto the “device” used to
carry out the computation
u In general, the computing device has limited resources and is digital
s We must embed the model of time of the model into the model of the computing device that gives the “common denominator” (e.g., discretize time, synchronize)
s We must map a set of concurrent processes into a sequential system (e.g., schedule execution of concurrent processes)
![Page 18: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/18.jpg)
Hybrid Systems SimulationHybrid Systems Simulation
FSM,Discrete Eventand other MOCs
Continuous Time
• Integrator (hold)
Interface
Inputs Outputs
t
t
• Invariants & Guards• Sampling
![Page 19: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/19.jpg)
Hybrid System SimulationHybrid System Simulation
A simulator for hybrid systems must capture different types of behaviors:
sContinuos Time
sDiscrete Events
sFSMs …
and resolve the domain interface problems.
![Page 20: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/20.jpg)
Continuous TimeContinuous Time
u Model of computation is DISCRETE TIME
sAll variables are computed at each time pointt no run-time scheduling decisions on variable computation
sTime interval can be t fixed (bad for stiff systems), but no run-time decision
t variable (sophisticated solvers have this)u Variable time step algorithm predicts a time step that will satisfy accuracy criterion
based on previous behavioru After actual computation, step may be rejected because constraints are violatedu Run-time scheduling
![Page 21: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/21.jpg)
Discrete DomainDiscrete Domain
u Two basic techniques:
sZero-time assumption: t Static scheduling of computation
t Can be done off-line for maximum efficiency (cycle-based simulation)
sComponents modeled with delay (Discrete Event Model). t All components evaluated at the same time-point always (wasteful)t Follow reaction to events: schedule components whose inputs have changed (assumes
internal dynamics completely captured by pure delay) Selective-trace event-driven simulation.
![Page 22: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/22.jpg)
Zero-time LoopsZero-time Loops
xdtdx
IJ
/ xdtdx
K
/0
L
x0
M
x
Fo r f : S → S , de fine the se m a ntic s to be a fixe d p o int o f f
i. e . s suc h tha t
f (s) = s
![Page 23: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/23.jpg)
Synchronization ProblemSynchronization Problem
u “Synchronization” between domains:
ssample the continuous time interface variables
s integrate discrete event interface signals
sdetect guards and invariants (zero crossing detection)
![Page 24: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/24.jpg)
Simulator ArchitectureSimulator Architecture
u One simulator (e.g. Ptolemy)
s different algorithms for each domain and unique scheduler
u N simulators (e.g. Simulink-StateFlow, Simulink-Bones, Simulink-VCC)
sOne simulator per domain (different schedulers per domain) and communication among simulators.
sScheduler works by transferring control to simulator
sMuch less efficient but easier to do!
![Page 25: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/25.jpg)
Invariant DetectionInvariant Detection
u An approach: s the discrete event simulator checks the conditions sampling the continuos time variables
u Advantages:s easiest implementation
s strong separation between the two domains
u Drawbacks:s high precision detection reached only with long simulation time.
s high inter-process communication overhead
u Partial Solution:
s Simulation look-ahead
![Page 26: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/26.jpg)
OutlineOutline
u Introduction to WP
u Hybrid Models
u Languages and Verification Problems
sSimulink and StateFlow
sCheckMate
sCharon
sMasaccio
sSHIFT
u Conclusions and Future Work
![Page 27: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/27.jpg)
Source: B. Krogh
![Page 28: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/28.jpg)
The CheckMate Model: TEDHSThe CheckMate Model: TEDHS
Three parts:
sSwitched Continuous System (SCS), that takes in the discrete-valued input u and produces continuous state vector x as output into TEG.
sThreshold Event Generator (TEG), produces an event when a component of x crosses a corresponding threshold from the specified direction (rising, falling, or both) and feeds FSM.
sFinite State Machine (FSM), whose output, in turn, drives the continuous dynamics of the SCS.
![Page 29: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/29.jpg)
Source: B. Krogh
![Page 30: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/30.jpg)
Source: B. Krogh
![Page 31: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/31.jpg)
The Polyhedral Invariant Hybrid Automaton
A PIHA is a hybrid automaton with the following restrictions:
s The continuous dynamics for each location is governed by an ordinary differential equation (ODE).
s Each guard condition is a linear inequality (a hyper-plane guard).
s Each reset condition is an identity.
s For the hybrid automaton to remain in any location, of the hybrid system all guard conditions must be false. This restriction implies that the invariant condition for any location is the convex polyhedron defined by conjunction of the complements of the guards. This gives rise to the name polyhedral-invariant hybrid automaton.
![Page 32: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/32.jpg)
CheckMate SummaryCheckMate Summary
u Integrated with Matlab/Simulink/StateFlow
u Limited semantics to simplify analysis and allow formal verification
u Uses Simulink constructs to enter data
u Based on reachability analysis to abstract continuous away
u Can perform simulation, partial and complete verification
u Computationally complex…
![Page 33: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/33.jpg)
OutlineOutline
u Hybrid Models
u Languages and Verification Problems
sSimulink and StateFlow
sCheckMate
sCharon
sMasaccio
sSHIFT
![Page 34: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/34.jpg)
Charon is a high-level modeling language and a design environment for hybrid systems
reflecting the current state of the art both in formal and object oriented methods
(UML).
NArchitectural Hierarchy (Agents)OBehavioral Hierarchy (Modes)
P
Charon toolkitQSyntax-directed editorRParser and type checkerSGlobal simulatorTPlotter (from Ptolemy)
What is Charon?What is Charon?
![Page 35: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/35.jpg)
Language SummaryLanguage Summary
u Individual components described as agents
u Individual behaviors described as modes
u Support for concurrency
s Shared variables as well as message passing
u Support for discrete and continuous behavior
u Well-defined formal semantics
![Page 36: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/36.jpg)
Continuous Behavior in CharonContinuous Behavior in Charon
U
Differential ConstraintsV
write Position robot_Pos;W
diff diffStop {d(robot_ Pos.x)=0.0; d(robot_ Pos.y)=1.0;}
X
Algebraic EquationsY
write real robotEST;Z
read x ;[
alge contEST { robotEST = foo(x) + bar(x); }
\
Invariant Constraints in Modes]
inv invTUCost { lub <= x <= gub; }
![Page 37: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/37.jpg)
Simulation in CharonSimulation in Charon
u In the present approach, a program-specific simulator is generated from the Charon program
u Each object of the Charon program is converted into an executable Java object
u Together with a program-independent core, these objects implement behavior of the program (Compiled-Code simulator)
![Page 38: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/38.jpg)
^
Graphical input language
_
Modular simulation
`
Model Checker
Future ExtensionsFuture Extensions
![Page 39: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/39.jpg)
OutlineOutline
u Hybrid Models
u Languages and Verification Problems
sSimulink and StateFlow
sCheckMate
sCharon
sMasaccio
sSHIFT
![Page 40: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/40.jpg)
a b c d
e fg h i j h ik l j f mon hg j f fp j p n q r
sut vow x y zt { |} ~ ��� y } � �� z� � �� ������ � � � �� �� � ��� �� � �� �
� �� � � � �� � � � � � � � � � � �� �� � �� � � � � ��
� ��� �¡ ¢¡£ ¤ � ¥¡¦ § � ¨© ª � � ª�«¬® ® ¯ ¬ °± ¯² ² ³�´² ¬ µ ¯ ¶�· ¸º¹ ³» ¸ » °´ ¹ ± ¹ ¸ ´ ² » ²¹ ¼¹ » ± ² °® ¯² · ® ¬ ¯²
![Page 41: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/41.jpg)
Code
Model (e.g., Simulink)
Design Simulate
½¿¾ À ÁàÁÅÄ ÆÇ ÆÈ À
Code generation
No exact correspondence between model and code:
-difficult to upgrade code
-difficult to reuse code
No formal connection between requirements, model, and resources:
- expensive development cycle iterates all stages
Redesign
Embedded Software Design: Current State
![Page 42: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/42.jpg)
Code
Model Design Verify
Compilation (analysis, optimization, and code generation)
Embedded Software Design: UCB and PARADES Vision
![Page 43: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/43.jpg)
SLDLSLDL
SLDLSLDL
MASACCIO ATL
GIOTTO GIOTTO-ASC
SLDL 1
RTOS 1
DESIGN
MODEL
PROGRAM
EXECUTABLE
ARCHITECTURESCHEDULERCOMMUNICATION
HierarchicalHybrid
Modules
Time-TriggeredBlocks of
C Code
Model-check
Compile
given
Synthesize Refine
REQUIREMENTS
CONSTRAINTS
![Page 44: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/44.jpg)
MASACCIOMASACCIO
Semantics:
Component = interface + behaviors
Interface (the “statics”):
u Variables: input/output, discrete/continuous (data)
u Locations: entry/exit (control)
Behavior (the “dynamics”):
u Jumps: all variables may change (instantaneous)
u Flows: continuous variables evolve (real-valued duration)
![Page 45: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/45.jpg)
Masaccio & Charon: an informal comparisonMasaccio & Charon: an informal comparison
Charon’s hierarchy: architectural -> agents -> parallel composition
behavioral -> modes -> parallel & serial comp
Masaccio’s hierarchy:both architectural & behavioral -> components ->
parallel & serial comp.
Features:
É
Charon -> Simulation; more developed
Ê
Masaccio -> Formal Verification; few papers and few applications; focusing on Giotto at the moment
![Page 46: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/46.jpg)
OutlineOutline
u Introduction to WP
u Hybrid Models
u Languages and Verification Problems
sSimulink and StateFlow
sCheckMate
sCharon
sMasaccio
sSHIFT
u Conclusions and Future Work
![Page 47: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/47.jpg)
SHIFTSHIFT
Ë
Motivation: California PATH Smart AHS (Automated Highway Systems)
3. Semantics: similar to other languages, but with extensions for creating and deleting components (i.e. hybrid sub-systems) dynamically.
5. Syntax: C-like (component types akin to struct types in C).
![Page 48: Heterogeneous Modeling: Hybrid Systems Hybrid Models u](https://reader031.vdocuments.net/reader031/viewer/2022013015/61d02979a8eef412847e4745/html5/thumbnails/48.jpg)
SHIFTSHIFT
u SHIFT = Hybrid System Tool Interchange Format
u Programming language for describing dynamic networks of hybrid automata.
u Hybrid systems are components: can be created, interconnected and destroyed as the system evolves.
u Components may evolve independently, or interact through their inputs, outputs and exported events. The interaction network itself may evolve.